专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2022069959A1 ESTABLISHING A SECURE CONNECTION 审中-公开
公开(公告)号：WO2022069959A1
公开(公告)日：2022-04-07
申请号：PCT/IB2021/057620
申请日：2021-08-18
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： WIFVESSON, Monica , TSIATSIS, Vlasios , MATTSSON, John
IPC分类号： H04W12/37 , H04W12/08 , H04L29/06
摘要： A communication device establishes a secure connection in a wireless communication network. The communication device communicates a request to use a communication service provided by the wireless communication network, the request including an indication that the communication device can support the requested communication service and an Authentication and Key Management for Applications (AKMA) service provided by the wireless communication network. Responsive to communicating the request, the communication device receives a communication comprising information that indicates whether the requested communication service and the AKMA service can be provided to the communication device to establish the secure connection in the wireless communication network.

2. 发明申请

WO2021089396A1 SUBSCRIPTION CONCEALED IDENTIFIER PRIVACY 审中-公开
公开(公告)号：WO2021089396A1
公开(公告)日：2021-05-14
申请号：PCT/EP2020/080362
申请日：2020-10-29
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： MATTSSON, John , NAKARMI, Prajwol Kumar , THORMARKER, Erik
IPC分类号： H04W12/02 , H04W12/03 , H04W12/72
摘要： A user equipment ("UE") in a wireless communication network can generate a padded identifier by inserting a padding bitstring in a field of an identifier associated with the UE. The UE can further encrypt the padded identifier to generate a concealed padded identifier. The UE can further transmit the concealed padded identifier to a network node operating in the wireless communication network.

3. 发明申请

WO2022262962A1 DIGEST ACCESS AUTHENTICATION FOR A CLIENT DEVICE 审中-公开
公开(公告)号：WO2022262962A1
公开(公告)日：2022-12-22
申请号：PCT/EP2021/066168
申请日：2021-06-16
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： LEHTOVIRTA, Vesa , ARKKO, Jari , SETHI, Mohit , MATTSSON, John
IPC分类号： H04W12/06 , G06F21/36 , G06F2221/2103 , H04L2463/082 , H04L63/0846 , H04L63/101 , H04L63/1466 , H04L63/205
摘要： A method comprising a client device performing digest access authentication with a server device. The digest access authentication comprises sending a first request towards the server device for accessing a resource. The digest access authentication comprises receiving a first response from the server device. The first response comprises at least two challenges and indications of as many different digest algorithms, one digest algorithm is associated with each challenge. The digest access authentication comprises calculating a response to one of the challenges using the digest algorithm associated with said one of the challenges. The response to said one of the challenges is indicative of all of the different digest algorithms. The digest access authentication comprises sending a second request towards the server device for accessing the resource. The second request comprises the response to said one of the challenges. The digest access authentication comprises receiving a second response from the server device. The second response indicates successful digest access authentication with the server device.

4. 发明申请

WO2016209126A1 METHODS, NETWORK NODES, MOBILE ENTITY, COMPUTER PROGRAMS AND COMPUTER PROGRAM PRODUCTS FOR PROTECTING PRIVACY OF A MOBILE ENTITY 审中-公开
标题翻译：方法，网络编号，移动实体，计算机程序和计算机程序产品，用于保护移动实体的隐私
公开(公告)号：WO2016209126A1
公开(公告)日：2016-12-29
申请号：PCT/SE2015/050728
申请日：2015-06-23
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： NORRMAN, Karl , NÄSLUND, Mats , MATTSSON, John , CHENG, Yi
IPC分类号： H04W12/02 , H04L9/32 , H04W8/26 , H04W12/06
CPC分类号： H04L9/3271 , H04L63/0414 , H04L2209/42 , H04L2209/80 , H04W8/26 , H04W12/02 , H04W12/06
摘要： A method (20) for a first network node (5, 15) of protecting confidentiality of a first identifier associated by the first network node (5, 15) with a subscription used by a mobile entity (6, 16) in a communications network (1, 10) is provided. The communications network (1, 10) comprises a home network (3, 13) of the mobile entity (6, 16) and a serving network (2, 4, 12, 14) serving the mobile entity (6, 16). The method (20) comprises the following steps performed by the first network node (5, 5), which is part of the home network (3, 13): receiving (21), from a second network node (4, 14) which is part of the serving network (2, 12), a first request for authentication information for the mobile entity (6, 16), the first request comprising the first identifier, generating (22) a first pseudonym associated with the first identifier, creating (23) a link between the first pseudonym and the first identifier, and sending (24), to the second network node (4, 14), the first pseudonym in response to the first request for authentication information for use as an identifier for the mobile entity (6, 16) in the serving network (2, 12). A method (70) for a second network node is also provided, and corresponding network nodes, computer programs and computer program products.
摘要翻译：一种用于通过由通信网络中的移动实体（6,16）使用的订阅来保护由第一网络节点（5,15）相关联的第一标识符的机密性的第一网络节点（5,15）的方法（20）（1,10）。通信网络（1,10）包括移动实体（6,16）的归属网络（3,13）和服务于移动实体（6,16）的服务网络（2,4,12,14）。方法（20）包括作为家庭网络（3,13）的一部分的第一网络节点（5,5）执行的以下步骤：从第二网络节点（4,14）接收（21）是服务网络（2,12）的一部分，对移动实体（6,16）的认证信息的第一请求，第一请求包括第一标识符，生成（22）与第一标识符相关联的第一假名，创建（23）第一假名和第一标识符之间的链接，并且向第二网络节点（4,14）发送（24）第一假名，响应于用于认证信息的第一请求用作用于移动实体（6,16）在服务网络（2,12）中。还提供了用于第二网络节点的方法（70），以及相应的网络节点，计算机程序和计算机程序产品。

5. 发明申请

WO2009070075A1 KEY MANAGEMENT FOR SECURE COMMUNICATION 审中-公开
标题翻译：安全通信的关键管理
公开(公告)号：WO2009070075A1
公开(公告)日：2009-06-04
申请号：PCT/SE2007/050927
申请日：2007-11-30
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

6. 发明申请

WO2021009554A1 METHOD AND SYSTEM FOR SECURED INFORMATION EXCHANGE BETWEEN INTERMEDIATE AND ENDPOINT NODES IN A COMMUNICATIONS NETWORK 审中-公开
公开(公告)号：WO2021009554A1
公开(公告)日：2021-01-21
申请号：PCT/IB2019/056182
申请日：2019-07-18
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： WESTERLUND, Magnus , MATTSSON, John , SARKER, Zaheduzzaman , FERLIN, Simone
IPC分类号： H04L29/06
摘要： Embodiments of the invention include methods, system, and software for secured information exchange between intermediate and endpoint nodes. In one embodiment, a method is performed by a network device that is on a path of a traffic flow between source and destination network devices. The method includes receiving an Internet Protocol (IP) packet of a traffic flow sourced from the source network device and destined for the destination network device, the IP packet including a transport protocol payload. The method further includes inserting traffic flow information into the IP packet, where the network device encrypts the traffic flow information prior to the inserting; and the method continues with transmitting the IP packet after the inserting toward the destination network device, where the IP packet after the inserting includes the encrypted traffic flow information and encryption information to allow another network device to decrypt the encrypted traffic flow information.

7. 发明申请

WO2019110445A1 SECURITY FOR GROUP COMMUNICATION 审中-公开
公开(公告)号：WO2019110445A1
公开(公告)日：2019-06-13
申请号：PCT/EP2018/083144
申请日：2018-11-30
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： SELANDER, Göran , MATTSSON, John
IPC分类号： H04L29/06
摘要： Embodiments presented herein relates to a method for enabling secure group communication in a communication network. The method is performed in a sending node (2) and comprises providing (S200) signature verification related information to a plurality of listening nodes (1) and sending (S210) a group message to the plurality of listening nodes (1), the group message comprising signature verification related information of the sending node. A method, nodes, computer programs, and a computer program product enabling secure group communication in a communication network are also presented.

8. 发明申请

WO2009153072A1 SENDING SECURE MEDIA STREAMS 审中-公开
标题翻译：发送安全媒体流
公开(公告)号：WO2009153072A1
公开(公告)日：2009-12-23
申请号：PCT/EP2009/052078
申请日：2009-02-20
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/605 , H04L63/0428 , H04L65/608
摘要： A method and apparatus for sending a first secured media stream having a payload via an intermediate node. The intermediate node receives from a sender the first secured media stream. An end-to-end context identifier and a hop-by-hop context identifier are determined for the first secured media stream, where the hop-by-hop context identifier relates to the intermediate node and the end-to-end identifier relates to the sender. A second secured media stream is generated, which includes at least the payload of the first secured media stream and the context identifiers to identify the first secured media stream. The second secured media stream is sent to a receiving node, and the context identifiers are also sent to the receiving node. The context identifiers are usable by the receiving node to recover the first secured media stream.
摘要翻译：一种用于通过中间节点发送具有有效载荷的第一安全媒体流的方法和装置。中间节点从发送器接收第一安全媒体流。针对第一安全媒体流确定端到端上下文标识符和逐跳上下文标识符，其中逐跳上下文标识符与中间节点相关，并且端到端标识符与发件人。生成第二安全媒体流，其包括至少第一安全媒体流的有效载荷和上下文标识符以识别第一安全媒体流。第二安全媒体流被发送到接收节点，并且上下文标识符也被发送到接收节点。上下文标识符可由接收节点使用以恢复第一安全媒体流。

9. 发明申请

WO2023067400A1 KEY REPLACEMENT DURING DATAGRAM TRANSPORT LAYER SECURITY (DTLS) CONNECTIONS OVER STREAM CONTROL TRANSMISSION PROTOCOL (SCTP) 审中-公开
公开(公告)号：WO2023067400A1
公开(公告)日：2023-04-27
申请号：PCT/IB2022/057712
申请日：2022-08-17
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： WESTERLUND, Magnus , MATTSSON, John , PORFIRI, Claudio
IPC分类号： H04L65/65 , H04L9/40
摘要： Embodiments include methods, electronic device, storage medium, and computer program to implement parallel Datagram Transport Layer Security (DTLS) connections over a stream control transmission protocol (SCTP) association. In one embodiment, a method at a first network node for encoding user messages for secure transmission to a second network node comprises: initiating a Datagram Transport Layer Security (DTLS) connection over a stream control transmission protocol (SCTP) association through a DTLS handshake using an existing Authenticated Chunks for SCTP (SCTP-AUTH) key from an existing DTLS connection over the SCTP association that transmits user messages; deriving a new SCTP-AUTH key from the initiated DTLS connection; transmitting further user messages through the initiated DTLS connection with the new SCTP-AUTH key; and closing the existing DTLS connection over the SCTP association upon confirmation that SCTP packets encrypted with the existing DTLS connection and SCTP packets authenticated by the existing SCTP-AUTH key have been delivered.

10. 发明申请

WO2023011702A1 ESTABLISHMENT OF FORWARD SECRECY DURING DIGEST AUTHENTICATION 审中-公开
公开(公告)号：WO2023011702A1
公开(公告)日：2023-02-09
申请号：PCT/EP2021/071619
申请日：2021-08-03
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： LEHTOVIRTA, Vesa , SETHI, Mohit , ARKKO, Jari , MATTSSON, John
IPC分类号： H04L9/06 , H04L9/08 , H04L9/32 , H04L9/00
摘要： There is provided mechanisms for establishing forward secrecy during digest access authentication. A method is performed by a client device. The method comprises performing digest access authentication with a server device. The digest access authentication comprises sending a first request towards the server device for accessing a resource. The digest access authentication comprises receiving a first response from the server device. The first response comprises a challenge and a public component of an asymmetric key pair for a key exchange with the server device. The digest access authentication comprises calculating, using a digest algorithm, a response parameter based at least on the challenge and the public component of the asymmetric key pair. The digest access authentication comprises sending a second request towards the server device for accessing the resource. The second request comprises the calculated response parameter. The digest access authentication comprises receiving a second response from the server device. The second response indicates successful digest access authentication with the server device.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式